search

microsoft / azurechat

🤖 💼 Azure Chat Solution Accelerator powered by Azure Open AI Service
MIT License
1.23k stars 1.19k forks source link

Force application of authorization header can break extensions that require their own authorization header. #455

Open DakotaWray2 opened 1 day ago

DakotaWray2 commented 1 day ago

In chat-api-dynamic-extensions.ts there is the following code.

// we need to add the user id to the headers as this is expected by the function and does not have context of the user
headerItems.push({
  id: "authorization",
  key: "authorization",
  value: await userHashedId(),
});

In my use case I am connecting to the Azure DevOps API. The API requires an 'Authorization' header with a personal access token issued by DevOps.

The current logic would apply two headers (authorization + Authorization) which breaks the api call.

Recommend we look at refactoring the requirement for that forced authorization header to help support more api call scenarios.

Thanks again for the great repo!

fsch-ppi commented 3 hours ago

I do not even understand why this is a requirement - I mean the authorization header to be there. Which function requires it?